4 c. receiving a response from the user based upon said challenge; 

5 d. processing said response to verify the user; 

6 e. assembling credentials for the transaction, said credentials 

7 comprising at least one key; 

8 f. providing at least a portion of said credentials to said user; 

9 g. receiving a second request from said user, said second request 

10 including said portion of said credentials; and 

1 1 h. validating said portion of said credentials with said key to provide 

12 access to a transaction service. 

44. (New) The method of Claim 43, wherein the transaction is an electronic 
purchase transaction. 

45. (New) The method of Claim 44, wherein the electronic purchase 
transaction is conducted using a digital wallet. 

46. (New) The method of Claim 43, wherein the instrument is a smartcard. 

1 47. (New) A computer-implemented method for protecting a network server 

2 from being used as the basis of an attack on a network client, the method 

3 comprising: 

4 a. receiving a request for a connection at said server from said 

5 network client; and 

6 b. scanning a portion of said network server for particular characters 

7 associated with a protocol; 

8 c. verifying that any response from said network server to said 

9 network client is void of said particular characters; and 

10 d. providing said response from said network server to said network 

11 client. 
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48. (New) The method of Claim 47 further comprising restricting access to 
said network server for said protocol to said portion of said network server. 

49. (New) The method of Claim 47 further comprising replacing said 
particular characters with benign characters such that a security risk 
posed by said selected protocol is reduced. 

50. (New) The method of Claim 47 wherein said protocol comprises 
javascript. 

51 . (New) The method of Claim 47 further comprising logging said particular 
characters to form a security log. 

52. (New) The method of Claim 51 further comprising reviewing said security 
log to determine whether said particular characters are hostile. 

53. (New) The method of Claim 47 wherein said protection of the network 
server is accomplished during an electronic purchase transaction. 

54. (New) The method of Claim 53 wherein the electronic purchase 
transaction is conducted using a digital wallet. 



1 55. (New) A transaction system for facilitating a financial transaction 

2 requested by a user operating a user computer on a data network, the 

3 system comprising: 

4 a. a transaction authorizer; and 

5 b. a security server configured to verify that an intelligent token is in 

6 the user's possession and to provide a digitial credential to said 

7 user computer if said verification is successful; 

8 wherein said transaction authorizer is configured to authorize a 

9 transaction requested by said user based at least in part upon said 
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digital credential provided by said user computer via said data 
network. 



56. (New) The transaction system of Claim 55, further comprising a 
transaction tool server. 

57. (New) The transaction system of Claim 55 further comprising a wallet 
server in communication with said user computer via said digital network. 

58. (New) The transaction system of Claim 57 wherein said wallet server is 
configured to receive a request for a transaction from said user computer, 
to contact a merchant computer system, and to provide information about 
said user to said merchant computer system. 

59. (New) The transaction system of Claim 55, wherein the user computer 
comprises a transaction tool and a reader, wherein said reader is 
configured to transfer information between the transaction tool and the 
intelligent token. 

60. (New) The transaction system of Claim 59, wherein said transaction tool 
is a wallet client. 

61 . (New) The transaction system of Claim 55, wherein the intelligent token is 
a smartcard. 

62. (New) The transaction system of Claim 55, wherein the connection 
between said security server and said transaction authorizer computer is 
through a data connection separate from said data network. 
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63. (New) The transaction system of Claim 59, wherein said transaction tool 
communicates with said security server via a data connection separate 
from said data network. 

64. (New) The transaction system of Claim 55, wherein the intelligent token 
comprises a digital certificate that uniquely identifies the user associated 
with the intelligent token. 

65. (New) The transaction system of Claim 64, wherein the user of said 
intelligent token unlocks access to the digital certificate by use of a 
personal identifier. 



66. (New) The transaction system of Claim 55, wherein the intelligent token is 
issued by an issuer and wherein a transaction made using said 
transaction system is considered a "card present" transaction as deemed 
by the issuer of the intelligent token. 

1 67. (New) A digital wallet client for facilitating electronic transactions via a 

2 digital network in conjunction with a browser program, the digital wallet 

3 client comprising: 

4 a. a wallet application configured to initiate a session with a wallet 

5 server via said digital network in response to inputs from a user; 

6 , and 

7 b. an interface to a reader device, wherein said reader device is 

8 configured to accept a token to verify the identity of said user; and 

9 wherein said wallet application is operable to authenticate said user 

10 to said wallet server using said token and to contact said wallet 

1 1 server via said digital network to consummate said electronic 

12 transactions. 
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68. (New) The digital wallet of claim 67 further comprising an activator for 
accessing said wallet server, wherein said activator exchanges 
information with said wallet server to complete said electronic 
transactions. 

69. (New) The digital wallet client of claim 67 wherein said wallet application 
is further configured to authenticate said user to said wallet server based 
at least in part upon a credential received at said digital wallet client from a 
security server on said digital network. 

70. (New) The digital wallet client of claim 68 wherein said activator 
comprises a status indicator displayed to said user, said status indicator 
corresponding to the availability of wallet services for a web page. 

71 . (New) The digital wallet client of claim 69 wherein said wallet application 
is further configured to obtain a digital signature from said token and to 
provide said digital signature to said wallet server via said digital network. 



1 72. (New) A wallet server for facilitating a transaction via a digital network, the 

2 wallet server comprising: 

3 a. an interface to a digital network; and 

4 b. a wallet server application in communication with a database; 

5 wherein said wallet server is configured to receive a request for a 

6 transaction from a wallet client, to process a credential received 

7 from said wallet client to authenticate a user of said wallet client, to 

8 retrieve user information from said database after authenticating 

9 said user, and to complete said transaction on behalf of said user 
10 using said user information. 



73. (New) The wallet server of claim 72 wherein said credential comprises a 
digital signature. 
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74. (New) The wallet server of claim 73 wherein said credential comprises a 
random digest digitally signed by a token in the possession of said user. 

75. (New) The wallet server of claim 74 wherein said digest is provided to 
said wallet client by a security server. 

76. (New) The wallet server of claim 72 wherein completing said transaction 
on behalf of said user comprises completing a merchant form with said 
user information. 

1 77. (New) A computer-implemented method for facilitating an online purchase 

2 comprising the steps of: 

3 authenticating with a security server; 

4 receiving a credential from said security server; 

5 identifying a merchant address from which to make said purchase; 

6 providing said credential to a wallet server to authenticate said user to 

7 said wallet server; 

8 upon successful authentication with said wallet server, re-directing 

9 communications with said merchant address to said wallet server 

10 such that said wallet server provides purchase information about 

1 1 said user to said merchant address; and 

12 receiving a confirmation of the results of said purchase. 

78. (New) The method of claim 77 wherein said credential comprises a digital 
signature. 

79. (New) The method of claim 78 wherein said credential comprises data 
received from a security server. 
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1 80. (New) A computer-implemented method for facilitating an online purchase 

2 comprising the steps of: 

3 receiving a request for a transaction from a user at a server, said request 

4 comprising a merchant address and a credential; 

5 verifying said credential to authenticate said user; 

6 retrieving user information from a database in response to said verifying 

7 step; 

8 completing an online form corresponding to said merchant address; and 

9 providing a purchase result to said user. 

81. (New) The method of claim 80 wherein said credential comprises a digital 
signature. 



82. (New) The method of claim 81 wherein said credential comprises data 
received from a security server. 

83. (New) The method of claim 82 wherein said security server is affiliated 
with said server. 

84. (New) The method of any of claim 81 wherein said digital signature is 
produced by a smartcard. 



1 85. (New) A computer-implemented method for facilitating access to a 

2 service, the method comprising the steps of: « 

3 receiving a logon request from a user; 

4 verifying that said user is in possession of a token; 

5 providing a credential to said user if said verification is successful; 

6 receiving a transaction request from a user, said transaction request 

7 comprising at least a part of said credential; and 

8 processing said at least a part of said credential to provide access to said 

9 service. 
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86. (New) The method of claim 85 wherein said verification step comprises a 
challenge-response. 

87. (New) The method of claim 86 wherein said challenge-response 
comprises random data provided to said token. 

88. (New) The method of claim 87 wherein said challenge-response further 
comprises a digital signature of said random data. 

89. (New) The method of any of claim 85 wherein said service is a financial 
transaction. 
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